what you don't know can hurt you
Showing 1 - 15 of 15 RSS Feed

Files Date: 2016-01-25

Red Hat Security Advisory 2016-0064-01
Posted Jan 25, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0064-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A use-after-free flaw was found in the way the Linux kernel's key management subsystem handled keyring object reference counting in certain error path of the join_session_keyring() function. A local, unprivileged user could use this flaw to escalate their privileges on the system.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2016-0728
MD5 | 59ced89dc158c0766a0fd79a5735974c
Lenovo ShareIT Information Disclosure / Hardcoded Password
Posted Jan 25, 2016
Authored by Core Security Technologies, Ivan Huertas | Site coresecurity.com

Lenovo ShareIT suffers from hard-coded password, information exposure, missing encryption, and missing authorization vulnerabilities.

tags | exploit, vulnerability
advisories | CVE-2016-1489, CVE-2016-1490, CVE-2016-1491, CVE-2016-1492
MD5 | 498b12c9f26fa23e69a5e2b0a2958b51
Android ADB Debug Server Remote Payload Execution
Posted Jan 25, 2016
Authored by joev | Site metasploit.com

This Metasploit module writes and spawns a native payload on an android device that is listening for adb debug messages.

tags | exploit
MD5 | d77551f4825f1ed6b1e204c89bc09c85
Debian Security Advisory 3452-1
Posted Jan 25, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3452-1 - "DrWhax" of the Tails project reported that Claws Mail is missing range checks in some text conversion functions. A remote attacker could exploit this to run arbitrary code under the account of a user that receives a message from them using Claws Mail.

tags | advisory, remote, arbitrary
systems | linux, debian
advisories | CVE-2015-8614
MD5 | 249bc5eac06559765f2f4a8879806c46
Red Hat Security Advisory 2016-0063-01
Posted Jan 25, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0063-01 - The Network Time Protocol is used to synchronize a computer's time with a referenced time source. It was discovered that ntpd as a client did not correctly check the originate timestamp in received packets. A remote attacker could use this flaw to send a crafted packet to an ntpd client that would effectively disable synchronization with the server, or push arbitrary offset/delay measurements to modify the time on the client. All ntp users are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue. After installing the update, the ntpd daemon will restart automatically.

tags | advisory, remote, arbitrary, protocol
systems | linux, redhat
advisories | CVE-2015-8138
MD5 | b8413210e1542e41539145b7f893ced1
PHP FastCGI Process Manager (FPM) SAPI Memory Leak / Buffer Overflow
Posted Jan 25, 2016
Authored by Imre Rad

PHP-FPM suffered from memory leak and buffer overflow vulnerabilities in the access logging feature. The fixed versions of PHP are 5.5.31, 5.6.17, and 7.0.2.

tags | advisory, overflow, php, vulnerability, memory leak
MD5 | 944d9a43e37f1ce26917b2cf0a973874
PHP LiteSpeed suEXEC_Daemon Secret Disclosure
Posted Jan 25, 2016
Authored by Imre Rad

In suEXEC_Daemon mode of the LiteSpeed web server spawns one PHP master process during startup. It is running as root and accepts LSAPI requests, which in turn specify what user under the script should run. The LSAPI request is authenticated with a MAC, which is based on pre-shared random key between the the PHP and the web server. The researchers found that the Litespeed PHP SAPI module did not clear this secret in its child processes so it was available in the PHP process memory space of the child processes. The fixed versions of PHP are 5.5.31, 5.6.17, and 7.0.2.

tags | advisory, web, root, php, info disclosure
MD5 | d25313bc2ac96b7c25905a3525cc4e8e
pfSense Firewall 2.2.5 Cross Site Request Forgery
Posted Jan 25, 2016
Authored by Aatif Shahdad

pfSense Firewall version 2.2.5 cross site request forgery exploit.

tags | exploit, csrf
MD5 | ca94da039d14675e106a05d46493ce2a
Linux Kernel prima WLAN Driver Heap Overflow
Posted Jan 25, 2016
Authored by Shawn the R0ck

The Linux prima WLAN driver suffers from a heap overflow vulnerability.

tags | exploit, overflow
systems | linux
advisories | CVE-2015-0569
MD5 | ddc9943eb7a25ab66bdbdc672252feb9
WordPress Appointment Booking Calendar 1.1.23 SQL Injection
Posted Jan 25, 2016
Authored by Joaquin Ramirez Martinez

WordPress Appointment Booking Calendar plugin versions 1.1.23 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 598fbbaed428150cfe7361ebe978d468
Linux x86_64 xor/not/div Encoded execve Shellcode
Posted Jan 25, 2016
Authored by Sathish Kumar

Linux x86_64 xor/not/div encoded execve shellcode.

tags | shellcode
systems | linux
MD5 | 881c536a86fe08776243fdb07dbfdf76
FreeBSD SCTP ICMPv6 Denial Of Service
Posted Jan 25, 2016
Site ptsecurity.com

FreeBSD suffers from an SCTP ICMPv6 error processing denial of service vulnerability.

tags | exploit, denial of service
systems | freebsd, bsd
advisories | CVE-2016-1879
MD5 | eb3cb9e922b8db018b68af99a333b2b9
Buffalo NAS Remote Shutdown
Posted Jan 25, 2016
Authored by Zemnmez

Buffalo NAS devices suffer from a remote shutdown / denial of service vulnerability.

tags | exploit, remote, denial of service
MD5 | 376d0d3afacf6ef07995644a1d28506d
Revive Adserver 3.2.2 Open Redirect
Posted Jan 25, 2016
Authored by Ehsan Hosseini

Revive Adserver version 3.2.2 suffers from an open redirection vulnerability.

tags | exploit
MD5 | d4c7aa79c709e73b3415c48d14fa8089
DigiKala Of Iran Cross Site Scripting
Posted Jan 25, 2016
Authored by 4TT4CK3R

DigiKala of Iran suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 63b7117521bb1e3673e051bcb925bdb7
Page 1 of 1

File Archive:

September 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    1 Files
  • 2
    Sep 2nd
    38 Files
  • 3
    Sep 3rd
    30 Files
  • 4
    Sep 4th
    15 Files
  • 5
    Sep 5th
    12 Files
  • 6
    Sep 6th
    17 Files
  • 7
    Sep 7th
    3 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    24 Files
  • 10
    Sep 10th
    22 Files
  • 11
    Sep 11th
    22 Files
  • 12
    Sep 12th
    15 Files
  • 13
    Sep 13th
    5 Files
  • 14
    Sep 14th
    2 Files
  • 15
    Sep 15th
    1 Files
  • 16
    Sep 16th
    11 Files
  • 17
    Sep 17th
    9 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2019 Packet Storm. All rights reserved.

Security Services
Hosting By